Operation Diànxùn used a fake Huawei career site to target telecoms professionals with the apparent aim of getting hold of 5G technologies.
The whole thing is detailed in this McAfee blog, which ‘details an espionage campaign, targeting telecommunication companies, dubbed Operation Diànxùn.’ It used a URL designed to look like a legitimate Huawei careers site (McAfee stresses that it has no evidence Huawei itself knew anything about this) to download malware onto the devices of visitors, thus permitting targeted theft of information contained therein.
The techniques used have previously been associated with Chinese state-sponsored threat actors RedDelta and Mustang Panda. “We believe with a moderate level of confidence that the motivation behind this specific campaign has to do with the ban of Chinese technology in the global 5G roll-out,” said the blog.
As Huawei was recently keen to point out, plenty of its technology is being used in 5G, but we presume McAfee was referring to the ban of Huawei and ZTE kit from the 5G networks of the US and many of its allies. This discovery would appear to justify the various restrictions imposed on Chinese companies by the US in the name of preventing IP theft, but there’s no conclusive proof that the Chinese state was behind the campaign.